Add -Wall -Wextra flags to the build script and fix the resulting compiler warnings

This commit is contained in:
2025-12-02 12:02:59 +01:00
parent f1fd633356
commit f6d81c1a87
10 changed files with 83 additions and 59 deletions
+35 -23
View File
@@ -1765,6 +1765,8 @@ void client_secure_context_free(ClientSecureContext *ctx)
{
#ifdef HTTPS_ENABLED
SSL_CTX_free(ctx->p);
#else
(void) ctx;
#endif
}
@@ -2227,6 +2229,7 @@ static bool is_secure(Socket *s)
return s->server_secure_context != NULL
|| s->client_secure_context != NULL;
#else
(void) s;
return false;
#endif
}
@@ -2620,7 +2623,6 @@ int socket_manager_wakeup(SocketManager *sm)
// NOTE: It's assumed send/write operate atomically
// on The descriptor.
char byte = 1;
int ret = 0;
#ifdef _WIN32
if (send(sm->signal_sock, &byte, 1, 0) < 0)
return HTTP_ERROR_UNSPECIFIED;
@@ -2733,10 +2735,6 @@ int socket_manager_translate_events(
if (sm->num_used == sm->max_used)
continue;
// Determine whether the event came from
// the encrypted listener or not.
bool secure = (reg.polled[i].fd == sm->secure_sock);
Socket *s = sm->sockets;
while (s->state != SOCKET_STATE_FREE) {
s++;
@@ -2757,6 +2755,10 @@ int socket_manager_translate_events(
s->events = 0;
s->user = NULL;
#ifdef HTTPS_ENABLED
// Determine whether the event came from
// the encrypted listener or not.
bool secure = (reg.polled[i].fd == sm->secure_sock);
s->ssl = NULL;
s->server_secure_context = NULL;
s->client_secure_context = NULL;
@@ -2996,6 +2998,8 @@ int socket_connect(SocketManager *sm, int num_targets,
s->client_secure_context = &sm->client_secure_context;
s->dont_verify_cert = dont_verify_cert;
}
#else
(void) dont_verify_cert;
#endif
sm->num_used++;
@@ -3069,6 +3073,9 @@ int socket_recv(SocketManager *sm, SocketHandle handle,
ret = 0;
}
return ret;
#else
// Unreachable
return 0;
#endif
}
}
@@ -3117,13 +3124,15 @@ int socket_send(SocketManager *sm, SocketHandle handle,
ret = 0;
}
return ret;
#else
// Unreachable
return 0;
#endif
}
}
void socket_close(SocketManager *sm, SocketHandle handle)
{
int ret;
Socket *s = handle_to_socket(sm, handle);
if (s == NULL)
return;
@@ -3154,7 +3163,6 @@ void socket_set_user(SocketManager *sm, SocketHandle handle, void *user)
bool socket_ready(SocketManager *sm, SocketHandle handle)
{
bool ready = false;
Socket *s = handle_to_socket(sm, handle);
if (s == NULL)
return false;
@@ -3349,7 +3357,7 @@ int byte_queue_write_setmincap(ByteQueue *queue, uint32_t mincap)
if (size > queue->limit)
size = queue->limit;
uint8_t *data = malloc(size);
char *data = malloc(size);
if (!data) {
queue->flags |= BYTE_QUEUE_ERROR;
return 0;
@@ -3406,7 +3414,7 @@ void byte_queue_write_fmt2(ByteQueue *queue,
return;
}
if (len > dst.len) {
if ((size_t) len > dst.len) {
byte_queue_write_ack(queue, 0);
byte_queue_write_setmincap(queue, len+1);
dst = byte_queue_write_buf(queue);
@@ -3447,7 +3455,7 @@ void byte_queue_patch(ByteQueue *queue, ByteQueueOffset off,
assert(len <= queue->used - (off - queue->curs));
// Perform the patch
uint8_t *dst = queue->data + queue->head + (off - queue->curs);
char *dst = queue->data + queue->head + (off - queue->curs);
memcpy(dst, src, len);
}
@@ -4855,6 +4863,20 @@ void http_response_builder_status(HTTP_ResponseBuilder builder, int status)
conn->state = HTTP_SERVER_CONN_WAIT_HEADER;
}
static bool is_header_valid(HTTP_String str)
{
bool has_colon = false;
for (int i = 0; i < str.len; i++) {
char c = str.ptr[i];
if (c == ':')
has_colon = true;
// Reject control characters (especially \r and \n)
if (c < 0x20 && c != '\t')
return false;
}
return has_colon;
}
void http_response_builder_header(HTTP_ResponseBuilder builder, HTTP_String str)
{
HTTP_ServerConn *conn = builder_to_conn(builder);
@@ -4864,19 +4886,9 @@ void http_response_builder_header(HTTP_ResponseBuilder builder, HTTP_String str)
if (conn->state != HTTP_SERVER_CONN_WAIT_HEADER)
return;
// Validate header: must contain a colon and no control characters
// (to prevent HTTP response splitting attacks)
bool has_colon = false;
for (int i = 0; i < str.len; i++) {
char c = str.ptr[i];
if (c == ':')
has_colon = true;
// Reject control characters (especially \r and \n)
if (c < 0x20 && c != '\t')
return;
}
if (!has_colon)
return;
// Header must contain a colon and no control characters
// to prevent HTTP response splitting attacks
if (!is_header_valid(str)) return; // Silently drop it
byte_queue_write(&conn->output, str.ptr, str.len);
byte_queue_write(&conn->output, "\r\n", 2);